We are undergoing a data protection renaissance. New laws have considerably expanded corporate obligations regarding security and privacy for information in all forms. A significant obligation of the laws is applicable to basically all organizations; the duty to provide reasonable security for all corporate information. Bottom line, generally all organizations have some legal obligation to establish effective information security programs. It is important to realize that in most cases there are no hard and fast rules regarding which specific security measures a company should implement to satisfy its legal and privacy law obligations. In this podcast I discuss what you need to know to protect your business when trying to comply with the multitude of privacy laws, and I describe a unified, process oriented best practice approach organizations can use to address the requirements of such laws as HIPAA, GLBA, Canada’s PIPEDA, the EU Data Protection Directive, among many, many others.
MP3: Rebecca Herold – Demystifying Privacy Laws: What You Need to Know to Protect Your Business